CLAIMS



What is claimed is: 



1. A method for establishing trust in an email client, the method comprising:

accepting in an email server a data communications connection from an email 
client, wherein the connection includes the email client's network address; 

determining from a stored list of trusted network addresses whether the email 
client is trusted according to the email client's network address; 



if the email client is not trusted according to the email client's network 
address, receiving authentication data from the email client and determining

whether the email client is trusted according to the authentication data; and 



if the email client is not trusted according to the email client's network 
address and the email client is not trusted according to the authentication data, 
receiving a sender domain name for an email message from the email client

and determining whether the email client is trusted according to the sender 
domain name. 



2. The method of claim 1 wherein determining whether the email client is trusted 
according to the sender domain name further comprises requesting from a 
domain name service a resource record of a type that lists for a sender domain 
network addresses of email exchanges that are authorized to act as outbound 
email exchanges for the sender domain.



3. The method of claim 1 wherein determining whether the email client is trusted 
according to the sender domain name further comprises determining whether a 
domain name service resource record associates the email client's network 
address with the sender domain name, the DNS resource record being of a
type that lists for a sender domain network addresses of email exchanges that 
are authorized to act as outbound email exchanges for the sender domain. 

4. The method of claim 1 wherein the email client is trusted according to the 
authentication data, and the method further comprises storing the email 
client's network address in association with a trust time limit in the list of 
trusted network addresses. 

5. The method of claim 1 further comprising: 

accepting in the email server a connection from an email client requesting 
delivery of an email message according to a protocol that includes client 
authentication, wherein the connection includes the network address of the 
email client requesting delivery of an email message; 

authenticating the email client requesting delivery of an email message; 

delivering the email message to the email client requesting delivery of an 
email message; and 

storing the network address of the email client requesting delivery of an email 
message in association with a trust time limit in the list of trusted network 
addresses. 

6. The method of claim 1 wherein the email client is an email exchange that 
accepts outbound email messages only from trusted senders. 

7. The method of claim 1 wherein receiving a sender domain name further 
comprises receiving the sender domain name in an SMTP MAILFROM 
message. 

8. The method of claim 1 wherein the email client is not trusted according to the 
email client's network address, the email client is not trusted according to the 
authentication, the email client is not trusted according to the sender domain 
name, and the method further comprises sending an error message to the email 
client and closing the connection.






AUS920040008US1 



Patent Application 



9. A system for establishing trust in an email client, the system comprising: 

means for accepting in an email server a data communications connection 
from an email client, wherein the connection includes the email client's 
network address; 

means for determining from a stored list of trusted network addresses whether 
the email client is trusted according to the email client's network address; 

means for receiving authentication data from the email client and means for 
determining whether the email client is trusted according to the authentication 
data if the email client is not trusted according to the email client's network 
address; and 

means for receiving a sender domain name for an email message from the 
email client and means for determining whether the email client is trusted 
according to the sender domain name if the email client is not trusted 
according to the email client's network address and the email client is not 
trusted according to the authentication data. 

10. The system of claim 9 wherein means for determining whether the email 
client is trusted according to the sender domain name further comprises means 
for requesting from a domain name service a resource record of a type that 
lists for a sender domain network addresses of email exchanges that are 
authorized to act as outbound email exchanges for the sender domain. 

11. The system of claim 9 wherein means for determining whether the email
client is trusted according to the sender domain name further comprises means 
for determining whether a domain name service resource record associates the 
email client's network address with the sender domain name, the DNS 
resource record being of a type that lists for a sender domain network
addresses of email exchanges that are authorized to act as outbound email 
exchanges for the sender domain. 

12. The system of claim 9 wherein the email client is trusted according to the 
authentication data, and the system further comprises means for storing the 
email client's network address in association with a trust time limit in the list 
of trusted network addresses. 

13. The system of claim 9 further comprising: 

means for accepting in the email server a connection from an email client 
requesting delivery of an email message according to a protocol that includes 
client authentication, wherein the connection includes the network address of 
the email client requesting delivery of an email message; 

means for authenticating the email client requesting delivery of an email 
message; 

means for delivering the email message to the email client requesting delivery 
of an email message; and 

means for storing the network address of the email client requesting delivery 
of an email message in association with a trust time limit in the list of trusted 
network addresses. 

14. The system of claim 9 wherein the email client is an email exchange that 
accepts outbound email messages only from trusted senders. 

15. The system of claim 9 wherein means for receiving a sender domain name
further comprises means for receiving the sender domain name in an SMTP 
MAILFROM message. 

16. The system of claim 9 further comprising means for sending an error message 
to the email client and means for closing the connection if the email client is 
not trusted according to the email client's network address, the email client is 
not trusted according to the authentication, and the email client is not trusted 
according to the sender domain name. 

17. A computer program product for establishing trust in an email client, the
computer program product comprising: 

means, recorded on the recording medium, for accepting in an email server a 
data communications connection from an email client, wherein the connection 
includes the email client's network address; 

means, recorded on the recording medium, for determining from a stored list 
of trusted network addresses whether the email client is trusted according to 
the email client's network address; 

means, recorded on the recording medium, for receiving authentication data 
from the email client and means, recorded on the recording medium, for 
determining whether the email client is trusted according to the authentication 
data if the email client is not trusted according to the email client's network 
address; and 

means, recorded on the recording medium, for receiving a sender domain 
name for an email message from the email client and means, recorded on the 
recording medium, for determining whether the email client is trusted 
according to the sender domain name if the email client is not trusted 
according to the email client's network address and the email client is not 
trusted according to the authentication data. 

18. The computer program product of claim 17 wherein means, recorded on the
recording medium, for determining whether the email client is trusted 
according to the sender domain name further comprises means, recorded on 
the recording medium, for requesting from a domain name service a resource 
record of a type that lists for a sender domain network addresses of email 
exchanges that are authorized to act as outbound email exchanges for the
sender domain. 

19. The computer program product of claim 17 wherein means, recorded on the
recording medium, for determining whether the email client is trusted 
according to the sender domain name further comprises means, recorded on 
the recording medium, for determining whether a domain name service 
resource record associates the email client's network address with the sender 
domain name, the DNS resource record being of a type that lists for a sender 
domain network addresses of email exchanges that are authorized to act as 
outbound email exchanges for the sender domain. 

20. The computer program product of claim 17 wherein the email client is trusted
according to the authentication data, and the computer program product 
further comprises means, recorded on the recording medium, for storing the 
email client's network address in association with a trust time limit in the list 
of trusted network addresses. 

21. The computer program product of claim 17 further comprising:

means, recorded on the recording medium, for accepting in the email server a 
connection from an email client requesting delivery of an email message 
according to a protocol that includes client authentication, wherein the 
connection includes the network address of the email client requesting 
delivery of an email message; 

means, recorded on the recording medium, for authenticating the email client 
requesting delivery of an email message; 

means, recorded on the recording medium, for delivering the email message to 
the email client requesting delivery of an email message; and 

means, recorded on the recording medium, for storing the network address of
the email client requesting delivery of an email message in association with a 
trust time limit in the list of trusted network addresses. 

22. The computer program product of claim 17 wherein the email client is an 
email exchange that accepts outbound email messages only from trusted 
senders. 

23. The computer program product of claim 17 wherein means, recorded on the 
recording medium, for receiving a sender domain name further comprises 
means, recorded on the recording medium, for receiving the sender domain 
name in an SMTP MAILFROM message. 

24. The computer program product of claim 17 further comprising means, 
recorded on the recording medium, for sending an error message to the email 
client and means, recorded on the recording medium, for closing the 
connection if the email client is not trusted according to the email client's 
network address, the email client is not trusted according to the authentication, 
and the email client is not trusted according to the sender domain name. 
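
The trust cascade recited in claims 1 to 5 and 8, sketched as an added example that is not part of the patent text or any implementation by the applicant. The in-memory `SENDER_RECORDS` table stands in for the DNS resource record of claims 2 and 3, and `CREDENTIALS`, `TRUST_SECONDS` and all function names are assumptions made for illustration.

```python
import hmac
import ipaddress
import time

TRUST_SECONDS = 600  # assumed trust time limit; the claims give no value

# Constructed stand-in for the DNS record type of claims 2-3: sender domain ->
# networks authorized to act as its outbound email exchanges.
SENDER_RECORDS = {"example.org": ["192.0.2.0/28"]}
CREDENTIALS = {"alice": "correct horse"}  # constructed credential store


class TrustList:
    """Trusted network addresses, each stored with a trust time limit."""

    def __init__(self):
        self._expires = {}

    def add(self, addr, now, ttl=TRUST_SECONDS):
        self._expires[addr] = now + ttl

    def is_trusted(self, addr, now):
        expiry = self._expires.get(addr)
        if expiry is None:
            return False
        if now >= expiry:
            del self._expires[addr]  # a lapsed entry must stop granting trust
            return False
        return True


def domain_authorizes(domain, addr):
    ip = ipaddress.ip_address(addr)
    nets = SENDER_RECORDS.get(domain.lower().rstrip("."), [])
    return any(ip in ipaddress.ip_network(n) for n in nets)


def establish_trust(trust_list, addr, auth=None, mail_from=None, now=None):
    """Return (trusted, reason): address first, then auth, then sender domain."""
    now = time.time() if now is None else now
    if trust_list.is_trusted(addr, now):
        return True, "address"
    if auth is not None:
        stored = CREDENTIALS.get(auth[0])
        if stored and hmac.compare_digest(stored.encode(), auth[1].encode()):
            trust_list.add(addr, now)  # claim 4: store address with a time limit
            return True, "authentication"
    if mail_from and "@" in mail_from:
        if domain_authorizes(mail_from.rsplit("@", 1)[1], addr):
            return True, "sender-domain"
    return False, "rejected"  # claim 8: send an error message and close
```

Because the first step trusts the address alone, every client that shares that address (for example behind one NAT gateway) is trusted until the time limit lapses, so the limit is the control that bounds that exposure.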